Channels

Services

Microsoft withdraws placebo patch

Microsoft has withdrawn patch MS10-025 for Media Services under Windows 2000 Server, which was published last week, because it is ineffective. Jerry Bryant of the Security Response Center says the patch does not fix the actual problem – a remotely exploitable buffer overflow in Media Unicast Services. The software vendor now says it will publish a revised patch next week. However, the service is not installed by default.

While Microsoft says the critical hole is not currently being actively exploited, the Exploitability Index (published eight days ago) shows that the software vendor does expect working exploits to pop up soon. As a workaround, Microsoft recommends simply disabling the vulnerable service via the command line (especially for configurations in which the service is reachable from the Internet):

sc stop nsunicast & sc config nsunicast start= disabled

This recommendation applies both for users who have installed the patch and for those who haven't.

Officially, support will still be offered for Windows 2000 Professional and Windows 2000 Server under the "Extended Support" policy up to July 13, 2010. After that date will Microsoft discontinue the supply of free security updates.